Difference between revisions of "Auto Assembler:reassemble"
Jump to navigation
Jump to search
(→Examples) |
|||
| Line 6: | Line 6: | ||
This is great for code changes in game updates, as well as [https://en.wikipedia.org/wiki/Polymorphic_code polymorphic code] or any code that has polymorphic like behavior. | This is great for code changes in game updates, as well as [https://en.wikipedia.org/wiki/Polymorphic_code polymorphic code] or any code that has polymorphic like behavior. | ||
| − | + | Note: It doesn't accept labels, just registered symbols and addresses. | |
=== Command Parameters === | === Command Parameters === | ||
Revision as of 00:36, 13 January 2018
Auto Assembler reassemble(Address)
Reassembles the given address, writing at it's declared location. It acts like a smart readMem. Reads the address's instruction, reevaluates any addresses, reassembles the address's instruction at it's declared location. This is great for code changes in game updates, as well as polymorphic code or any code that has polymorphic like behavior.
Note: It doesn't accept labels, just registered symbols and addresses.
Command Parameters
| Parameter | Type | Description |
|---|---|---|
| Address | string | The address or symbol of the memory block to change access rights |
Examples
reassemble(SomeRegisteredSymbol)
reassemble(00123ABC)
originalCode: reassemble(injectionPoint) jmp return
alloc(memTestMemory, 0x400)
registerSymbol(memTestMemory)
memTestMemory:
reassemble("Tutorial-i386.exe"+24B25)
reassemble("Tutorial-i386.exe"+24B29)
reassemble("Tutorial-i386.exe"+24B2D)
//// Read Memory
// Tutorial-i386.exe+24B25 - 83 45 EC 01 - add dword ptr [ebp-14],01
// Tutorial-i386.exe+24B29 - 83 7D EC 64 - cmp dword ptr [ebp-14],64
// Tutorial-i386.exe+24B2D - 74 02 - je Tutorial-i386.exe+24B31
//// Assembled Memory
// memTestMemory - 83 45 EC 01 - add dword ptr [ebp-14],01
// 003F0004 - 83 7D EC 64 - cmp dword ptr [ebp-14],64
// 003F0008 - 0F84 234B0300 - je Tutorial-i386.exe+24B31
